|
Size: 857
Comment:
|
← Revision 21 as of 2021-03-19 23:21:59 ⇥
Size: 2492
Comment:
|
| Deletions are marked like this. | Additions are marked like this. |
| Line 10: | Line 10: |
| * 192.168.1.38 ntp01 * 192.168.1.39 ntp02 |
* 192.168.1.40 ntp01 * 192.168.1.41 ntp02 |
| Line 15: | Line 15: |
| Disable the preinstalled ntp server {{{ systemctl disable systemd-timesyncd }}} |
|
| Line 17: | Line 22: |
| apt-get install ntpdate ntpdate pool.ntp.org |
apt-get install sntp sntp pool.ntp.org |
| Line 24: | Line 29: |
| apt-get install ntp | apt-get install chrony |
| Line 26: | Line 31: |
=== Configuration === Make sure chrony accepts connections from other hosts. Add the following line to `/etc/chrony/chrony.conf` {{{ allow all }}} Restart chrony {{{ service chrony restart }}} == Debugging == === Kiss of Death === The NTP-servers may run into to a synchronization loop. KoD (Kiss of Death) will be logged. ntp01 `/var/log/syslog` {{{ Jan 30 06:39:30 ntp01 ntpd[464]: receive: KoD packet from 192.168.1.41 has inconsistent xmt/org/rec timestamps. Ignoring. }}} ntp02 `/var/log/syslog` {{{ Jan 30 07:04:15 ntp02 ntpd[511]: receive: KoD packet from 192.168.1.40 has inconsistent xmt/org/rec timestamps. Ignoring. }}} While getting its IP-address from a DHCP-server, the system will also ask the DHCP-server for any available NTP-servers. This causes the NTP server to synchronize time against the other NTP-server and vice versa, which again causes them to loose track of time. The solution is to tell the DHCP-client to not request the NTP information from the DHCP-server. Make the following change in `/etc/dhcp/dhclient.conf` {{{ request subnet-mask, broadcast-address, time-offset, routers, domain-name, domain-name-servers, domain-search, host-name, dhcp6.name-servers, dhcp6.domain-search, dhcp6.fqdn, dhcp6.sntp-servers, netbios-name-servers, netbios-scope, interface-mtu, #rfc3442-classless-static-routes, ntp-servers; rfc3442-classless-static-routes; }}} == References == * https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=968105 |
NTP
Keeping time is important. Especially when debugging an issue between servers. It is a pain comparing logfiles with a time skew. For that reason we will configure two NTP servers that all clients will synchronize their time to.
Configuring a redundant NTP server does not really make any sense. The DHCP server sends option ntp-servers to the DHCP clients, so if one NTP server is down, then the other will get the request instead.
Network
The NTP servers will have fixed IP-addresses. That is configured in the DHCP servers list of statically assigned IP-adresses by using the Domains MAC address.
- 192.168.1.40 ntp01
- 192.168.1.41 ntp02
Software
Disable the preinstalled ntp server
systemctl disable systemd-timesyncd
Set the Time
apt-get install sntp sntp pool.ntp.org hwclock --systohc
Install the NTP Daemon
apt-get install chrony
Configuration
Make sure chrony accepts connections from other hosts. Add the following line to /etc/chrony/chrony.conf
allow all
Restart chrony
service chrony restart
Debugging
Kiss of Death
The NTP-servers may run into to a synchronization loop. KoD (Kiss of Death) will be logged.
ntp01 /var/log/syslog
Jan 30 06:39:30 ntp01 ntpd[464]: receive: KoD packet from 192.168.1.41 has inconsistent xmt/org/rec timestamps. Ignoring.
ntp02 /var/log/syslog
Jan 30 07:04:15 ntp02 ntpd[511]: receive: KoD packet from 192.168.1.40 has inconsistent xmt/org/rec timestamps. Ignoring.
While getting its IP-address from a DHCP-server, the system will also ask the DHCP-server for any available NTP-servers. This causes the NTP server to synchronize time against the other NTP-server and vice versa, which again causes them to loose track of time. The solution is to tell the DHCP-client to not request the NTP information from the DHCP-server.
Make the following change in /etc/dhcp/dhclient.conf
request subnet-mask, broadcast-address, time-offset, routers,
domain-name, domain-name-servers, domain-search, host-name,
dhcp6.name-servers, dhcp6.domain-search, dhcp6.fqdn, dhcp6.sntp-servers,
netbios-name-servers, netbios-scope, interface-mtu,
#rfc3442-classless-static-routes, ntp-servers;
rfc3442-classless-static-routes;